According to the FTC, the hackers gained control of Twitter on two occasions between January and May of 2009. And today, after many months of consideration, the FTC and Twitter came to an agreement over the incident. Under the terms of the settlement, “Twitter will be barred for 20 years from misleading consumers about the extent to which it protects the security, privacy, and confidentiality of nonpublic consumer information….” The company also must “establish and maintain a comprehensive information security program, which will be assessed by an independent auditor every other year for 10 years.”

Twitter officially admits no wrongdoing, but failing to live up to terms of the settlement could cost them as much as $16,000 per violation.